HTML by default in KMail

Valter Mura valtermura at gmail.com
Fri Aug 6 17:59:43 BST 2010 

In data venerdì 6 agosto 2010 15:47:24, Scott Kitterman ha scritto:

> > A Linux system is by default secure, enabling HTML is certainly not.
> > 
> > Let the users who want to have it turn it on by themselves, but don't
> > do so by default. I would really hate it to see kmail users of the
> > future send html by default to mailing lists...
> > 
> > 
> > Regards, Myriam.
> 
> I agree with this.  Yes, plain text by default may seem a bit old
> fashioned, but HTML by default opens a large number of additional code
> paths to potential exploits (and it appears to be very difficult to write
> secure HTML parsers).
> 
> The system should default to a safe/secure configuration that users can
> change if they choose.

I apologize in advance for this long extract from one of the first e-mail 
client programmer, the good David Harris, but his words are mine:
---
"P****** M*** has full support for composing HTML mail: HTML is Internet 
jargon for the special encoding of web pages that allows them to contain 
pictures, hyperlinks, styles and so forth, and it has spread to e-mail in the 
last couple of years. In other e-mail packages, HTML has become the vehicle of 
choice for transmitting malicious computer viruses and “trojan horses”, but 
P****** M*** goes to elaborate lengths to protect you from that kind of thing.
Equally, when you compose HTML mail in P****** M***, you can have every 
confidence that nothing about your message can pose a threat to users of other 
packages, even vulnerable ones.
It’s probably worth stating clearly at this point that HTML mail is not 
universally popular on the Internet; aside from the well-documented security 
problems it has spawned, HTML is not an especially good or consistent 
standard, and the way your message appears may vary from system to system 
depending on how HTML is implemented there. Add to this the fact that HTML 
tends to be larger than plain text, and that not all mailers can yet read HTML 
data, and you have a recipe for a feature that may not win you many friends if 
you use it without some consideration. Before you send a message containing 
pictures or formatting, consult the recipient and make sure that he or she is 
both willing and able to handle HTML mail — simply assuming that a given 
recipient will be happy to receive HTML mail may get you into all kinds of 
strife.
P****** M*** takes some pains to handle HTML mail responsibly; by default, it 
will only generate HTML mail messages if you use an option that absolutely 
requires it — font changes, bold/italic/underline, pictures, tables and colour 
changes will all tell P****** M*** that it needs to generate HTML for the 
message. If you do not use any of these features, then P****** M*** will send 
your message as normal plain-text mail, compatible with all systems.
You can always tell if you have used a feature that will cause P****** M*** to 
generate HTML because the Rich Text control in the message editor will check 
itself; unchecking the control will force the formatting to be discarded when 
the message is sent, resulting in a message containing only plain text.
---

Best regards,
-- 
Valter
Registered Linux User #466410  http://counter.li.org
Kubuntu Linux: www.kubuntu.org
OpenOffice.org: www.openoffice.org

More information about the kubuntu-devel mailing list